package com.example.springbootexamples.config;

import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.spring.web.config.DefaultShiroFilterChainDefinition;
import org.apache.shiro.spring.web.config.ShiroFilterChainDefinition;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.HashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {

    class MyRealm extends AuthorizingRealm {

        @Override
        protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
            return null;
        }

        @Override
        protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
            UsernamePasswordToken usernamePasswordToken= (UsernamePasswordToken) token;
            if("admin".equals(usernamePasswordToken.getUsername())&&"admin".equals(new String(usernamePasswordToken.getPassword()))){
                return new SimpleAuthenticationInfo(usernamePasswordToken,usernamePasswordToken.getPassword(),getName());
            }
            return new SimpleAuthenticationInfo(usernamePasswordToken,usernamePasswordToken.getPassword(),getName());
            //throw new AuthenticationException("login fail");
        }
    }

    @Bean
    public MyRealm myRealm() {
        return new MyRealm();
    }


    /*@Bean
    public ShiroFilterChainDefinition shiroFilterChainDefinition() {
        DefaultShiroFilterChainDefinition chainDefinition = new DefaultShiroFilterChainDefinition();

        chainDefinition.addPathDefinition("/login.html","anon");

        // logged in users with the 'admin' role
        chainDefinition.addPathDefinition("/admin/**", "authc, roles[admin]");

        // logged in users with the 'document:read' permission
        chainDefinition.addPathDefinition("/docs/**", "authc, perms[document:read]");

        // all other paths require a logged in user
        chainDefinition.addPathDefinition("/**", "authc");
        return chainDefinition;
    }*/

    @Bean
    public DefaultWebSecurityManager manager(MyRealm myRealm){
        DefaultWebSecurityManager manager = new DefaultWebSecurityManager();
        manager.setRealm(myRealm);
        return manager;
    }

    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(DefaultWebSecurityManager manager){
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(manager);
        factoryBean.setLoginUrl("/login");
        Map<String,String> map = new HashMap<>();
        map.put("/login","anon");
        map.put("/login.jsp","anon");
        map.put("/favicon.ico","anon");
        //map.put("/**","authc");
        factoryBean.setFilterChainDefinitionMap(map);


        factoryBean.setUnauthorizedUrl("/**");
        //factoryBean.setUnauthorizedUrl("/login.html");
        return factoryBean;
    }
}
